Thinking security : stopping next year's hackers /
Steven M. Bellovin.
- xv, 381 pages : illustrations ; 24 cm.
- Addison-Wesley professional computing series .
Includes bibliographical references (pages 317-354) and index.
Defining the problem. Introduction -- Thinking about security -- Threat models -- Technologies. Antivirus software -- Firewalls and intrusion detection systems -- Cryptography and VPNs -- Passwords and authentication -- PKI: Public Key Infrastructures -- Wireless access -- Clouds and virtualization -- Secure operations. Building secure systems -- Selecting software -- Keeping software up to date -- People -- System administration -- Security process -- The future. Case studies --Doing security properly.
You already know the endless list of security "do's and don'ts": run AV software and firewalls, lock everything down, encrypt everything, watch all your network traffic, follow checklists But even if you're spending a fortune doing all that, you're at greater risk than ever: even the world's most security-focused organizations are being victimized by massive attacks.